Skip to content
This repository has been archived by the owner on Oct 16, 2020. It is now read-only.

hyperkube: request for /usr/bin/jq to be included #1706

Closed
TerraTech opened this issue Dec 13, 2016 · 6 comments
Closed

hyperkube: request for /usr/bin/jq to be included #1706

TerraTech opened this issue Dec 13, 2016 · 6 comments
Assignees
Labels

Comments

@TerraTech
Copy link

TerraTech commented Dec 13, 2016

CoreOS Version

1185.5.0 (bare-metal)
quay.io/coreos/hyperkube:v1.4.6_coreos.0

When parsing JSON data passed in via Kubernetes FlexVolume, I quickly found that jq is not included in the above image.

ref: lizardfs/lizardfs#486 (comment)

An example of what I'm using it for:
/etc/kubernetes/volume-plugins/fq~lizardfs

domount() {
  ...
  FSTYPE=$(echo $3 | jq -r '.["kubernetes.io/fsType"]')
  SUBVOL=$(echo $3 | jq -r '.["kubernetes.io/subVolume"]')
  ...

Though I can tweak the kubelet service file and use volume/mount to drop in the system's jq, it would be nice if this was supported natively within the image for FlexVolume usage.

Also, jq is referenced in the Kubernetes repo for FlexVolume usage:
https://github.com/kubernetes/kubernetes/blob/master/examples/volumes/flexvolume/lvm#L72

@aaronlevy aaronlevy self-assigned this Dec 13, 2016
@aaronlevy
Copy link

/cc @pbx0

@sander-su
Copy link

+1
For the same use case (aws efs)
kubernetes/kubernetes#28226

@peebs
Copy link

peebs commented Dec 14, 2016

@TerraTech @sander-su : Normally, we usually only include dependancies in hyperkube that the kubelet directly shells out to. This makes it more tractable for us to understand if we can remove it in the future. I may be misunderstanding the execution path here but, is it not possible to to teach these plugins to parse json themselves? (ideally using a memory-safe language)

That said jq is really small. I'm not totally opposed to adding it but I want to see how feasible it is to avoid needing it altogether.

@TerraTech
Copy link
Author

TerraTech commented Dec 14, 2016

@pbx0 parsing JSON in a bash shell script is not very much fun and I'd say error prone. Doable when what you are after is at a shallow level, but more onerous in a deep structure or when dealing with arrays.

As mentioned, the use of 'jq' is already being used in an official Kubernetes FlexVolume example with the driver being a bash script.
https://github.com/kubernetes/kubernetes/blob/master/examples/volumes/flexvolume/lvm#L72

Kubernetes runs the FlexVolume driver from within its container, therefore it would need access to 'jq' if the driver is parsing JSON in the case of a scripted driver.

FlexVolume calls the driver with json parms in two cases:

  1. driver attach <json parms>
  2. driver mount <mount dir> <mount device> <json parms>

Currently to work around its absence, I've adjusted the kublet service and added the following RKT_OPTS:

--volume jq,kind=host,source=/usr/bin/jq
--mount  volume=jq,target=/opt/bin/jq
--volume jq-lib,kind=host,source=/usr/lib64/libjq.so.1.0.4
--mount  volume=jq-lib,target=/lib/libjq.so.1

@peebs
Copy link

peebs commented Dec 14, 2016

@TerraTech OK, you've convinced me :) We will include it in the next hyperkube release. So probably v1.5.2 or if v1.5.1 ends up needing a point release because of hyperkube vulns.

k8s-github-robot pushed a commit to kubernetes/kubernetes that referenced this issue Dec 15, 2016
Automatic merge from submit-queue (batch tested with PRs 37190, 38793)

cluster/images/hyperkube: add jq for some volume plugins

**What this PR does / why we need it**:

Some flexvolume plugins use jq. See also coreos/bugs#1706

It weighs in at about 400kb, so seems sane to include.

**Release note**:
```release-note
NONE
```

cc @luxas @pbx0
@TerraTech
Copy link
Author

TerraTech commented Dec 16, 2016

@pbx0 & @euank Thank you very much

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Development

No branches or pull requests

5 participants